![]() ![]() Note that the port-forward feature currently only supports 1 wan interface (eth0 in my case), so during fail-over your port forward won’t work. Set rule 10 destination group address-group ADDRv4_eth0 The following CLI configuration will do the trick: So we can add a rule to our modify chain to NOT load-balance traffic that’s destination address is the WAN address. In case of dual WAN setup the load-balance feature assume the traffic goes from LAN to WAN or vise versa, but in the case of port-forward hairpin the traffic goes from LAN to router and back out to LAN. The above configuration done from GUI is enough for standard port forwarding and hair pin in the single WAN setup. Note that to be able to access from inside the network the forwarded resources we need the so called “Hair Pin” box checked. ![]() The test if the changes are done show load-balance watchdog Set load-balance group G interface eth1 route-test type ping target 8.8.8.8 Set load-balance group G interface eth0 route-test type ping target 8.8.8.8 I decided to ping a more reliable target and also use an IP to avoid the DNS issues. The issue was caused by the slow DNS (UPC DNS has issues) which was causing pings to the default ping target of the watchdog to fail. Note that I experienced frequent switches between the main WAN and the backup WAN. Then to configure some port forwarding rules to access the internal web server or VPNs there is a nice GUI setup window. Starting with firmware version 1.4 EdgeRouter can be configured in a dual WAN setup using a very simple wizard. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |